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REMARKS 

The Examiner objects to the drawings under 37 CFR§1.84(p)(4). Applicants disagree with 
the objection. Reference characters 110 and 104; 106, 102, and 108, and 202 and 206 do not refer 
to the same element. Reference character 1 1 0 refers to the network while character 1 04 refers to the 
depicted link in the network (specification at page 4, lines 16-20). Reference character 102 refers 
to a computing device, reference character 106 to a server system which includes the computing 
device 102, and reference character 108 to a client system which includes the computing device 102 
(specification at page 4, lines 16-23). Finally, reference character 202 refers to portions of the Web 
page 124 that include entry fields 204 and a number of presentation fields 206 (specification at page 
7, lines 19-21)7 ~ 

Filed concurrently herewith is a Submission of Formal Drawings to provide drawings of 
sufficient quality to permit fiirther examination by the Examiner. 

The Examiner rejects claims 1-28 under 35 U.S.C.§ 102(b) as being anticipated by U.S. 
Patent 5,671,279 to Elgamal and claims 12 and 25 under 35 U.S.C.§103(a) as being unpatentable 
over Elgamal as applied to claims 10 and 15 above and fiirther in view of U.S. Patent 5,729,594 to 
Klingman. 

Applicant respectfiilly traverses the Examiner's rejections. Elgamal and Klingman fail to 
teach or suggest, individually and collectively, at least the following italicized features of the pending 
independent claims: 

1, A method of communicating data between a first computing device 
and a second computing device, the method comprising the steps of: 



Application No. 09/453 J 36 

communicating a first datum of a message from the first computing device to 
the second computing device with encryption of the first datum; and 

communicating a second datum of the message from the first computing 
device to the second computing device without encryption of the second datum, 

15. A data communication system comprising: 

a first computing device that communicates information to a second 
computing device responsive to a request fi-om the second computing device to the 
first computing device, the information including a procedure that causes the second 
computing device to select a first datum of a message for communication of the first 
datum from the second computing device to the first computing device with 
encryption and select a second datum of the message for communication of the 
second datum from the second computing device to the first computing device 
without encryption] and 

the first computing device receiving the first datum with encryption and the 
second datum without encryption and decrypting the first datum. 

The present invention is directed to an encryption module that encrypts only part of a 

message sent by one node to another node. By way of example, in one configuration of the present 

invention a graphical display is presented to a user requesting the user to input information into a 

number of input fields. Some of the fields require the entry of confidential information while others 

do not. When the user requests transmission of the displayed information to another node, the 

module encrypts only the confidential fields and not the non-confidential fields. The use of 

encryption on only part of the transmission can represent substantial savings in computational 

resources both at the transmitting and receiving nodes. 

Elgamal 

Elgamal, the primary reference, is directed to a courier electronic payment system that 
provides customers, merchants, and banks with a secure mechanism for using a public network as 
a platform for credit card payment services. The system governs the relationship between a 
customer, merchant, and acquirer gateway to perform credit card purchases over such networks as 
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the Internet. The system uses a secure connection to simplify the problem of Internet-based financial 
transactions in accordance with an electronic payment protocol that secures credit card payments and 
certifies infi*astructure that is required to enable all of the parties to participate in the electronic 
commerce^ as well as to provide the necessary formats and interfaces between the different modules 
and systems. 

The Examiner states that Elgamal teaches sending both encrypted (PI value) and unencrypted 

(purchase order and payment instruction messages) information from a merchant to a customer. This 

conclusion conflicts with the clear teachings of Elgamal. At col. 4, Unes 33-37, Elgamal states that: 

All channel communications between any two nodes in the system should be 
encrypted. This guards against any network snooping and does not give any 
information to possible attackers. " 

At col. 4, lines 52-57, Elgamal further states that: 

Integrity is maintained at all times using a keyed message digest computation. This 
should be part of the channel security mechanism. An extra layer of integrity is 
added to the message level using a hash of each message to avoid early termination 
type attacks, and to make sure that the messages arrive at the recipient unaltered. 

Regarding the specific text identified by the Examiner, Elgamal specifically states that the "PI value 

should be encrypted so that the Merchant's server, e.g. on the Internet, does not have any clear credit 

card numbers that can be accessed remotely" (col. 9, lines 30-33) and "[t]he PI is preferably sent 

encrypted to the Acquirer using the Acquirer's public key" (col. 10, Unes 20-21). 

Elgamal does state that the PI value maybe sent "in the clear" (col. 10, lines 21-23) but later 

states that: 

It may be necessary to send the PI without encryption in case of a merchant that 
performs the capture process independently. This is reflected in a capability field in 
the merchant certificate that instructs the acquirer software to send the credit card 
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information back to the merchant. As discussed above, the data on the channel are 
encrypted by the secure transport, and the Merchant is the only entity that may 
receive the clear PI data from the acquirer. 

(col. 10, lines 37-40). 

Contrary to the Examiner's assertions, Elgamal does not state that the purchase order and 
payment instruction messages are not encrypted. 

Even if the Examiner*s reading of Elgamal is correct, Elgamal refers to different messages 
sent at differing times. It does not refer to the encryption of only parts of the same message. In the 
present invention, the encrypted and unencrypted input fields are requested to be transmitted by the 
user simultaneously or substantially simultaneously. Within the packeted stream derived by the 
present invention from the message, some packet payloads are encrypted while others are not and/or 
some portions of a packet payload are encrypted while other portions are not. 

Klingman 

Klingman is directed to a remote communication system for facilitating secure electronic 
purchases of goods in on-line, wherein a suitable local user input device in association with a data 
transmission system, couples the user input into a packet network system for commxmication to a 
remote receiver/decoder apparatus to try a potentially desirable product. Upon selection of the 
desired product by the user, a telecom network link is used to communicate a telephone number 
associated with the desired product from the user to the remote receiver to allow the user to buy the 
desired product. The telecom network used to link the user input device to the remote apparatus may 
also include a 900 number billing system for assessing and collecting fees for use of the system. 
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Klingman, unlike Elgamal and the present invention, sends confidential information over a 
circuit-switched telecommunications network, such as the PSTN, and non-confidential information 
over a packet-switched network, such as the Internet. "Consequently, there is no need for any 
encryption procedures or digital signatures, although encryption may be used if so desired." (Col. 
13, lines 45-52.) 

Accordingly, the rejected claims are allowable over Klingman. 

The dependent claims provide fiirther reasons for allowance. 

By way of example, dependent claim 2 requires the step of communicating the first datum 
of the message with encryption of the first datum and the step of communicating the second datum 
of the message without encryption of the second datunTto includeltiestqp of coriu^^ 
datum, with encryption and the second datum without encryption in a same packet that comprises the 
message and fiirther includes the steps of providing a display to a user, the display comprising at 
least first and second input fields for input from the user and at least a first presentation field 
associated with the at least first and second input fields; and receiving the message from the user, 
wherein the message corresponds to the display and wherein first datum refers to the first input field 
and the second datum to the second input field of the display. . 

Dependent claim 3 requires the step of communicating the first datum of the message with 
encryption of the first datum and the step of communicating the second datum of the message 
without encryption of the second datum to include the steps of communicating the first datum with 
encryption in a first packet of the message and communicating the second datum without encryption 
in a second packet of the message different from the fu"st packet of the message and the fiirther steps 
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of providing a display to a user, the display comprising at least first and second input fields for input 
fi-om the user and at least a first presentation field associated with the at least first and second input 
fields and receiving the message fi-om the user, wherein the message corresponds to the display and 
wherein the first datum refers to the first input field and the second datum to the second input field 
of the display. 

Dependent claim 4 requires the step of communicating the first datum of the message with 
encryption of the first datum and the step of communicating the second datum of the message 
without encryption of the second datum comprise the step of employing a same path between the 
fu-st computing device and the second computing device to communicate the first datum with 
encryption and the second datum without encryption. 

Dependent claim 5 requires the step of employing the same path to communicate the first 
datum with encryption and the second datum without encryption to include the step of employing 
a TCP/IP passage between the first computing device and the second computing device to 
communicate the first datum with encryption and the second datum without encryption. 

Dependent claim 6 requires the step of commxmicating the first datum of the message with 
encryption of the first datum to include the step of employing a key to encrypt the first datum of the 
message for communication of the first datum from the first computing device to the second 
computing device with encryption of the first datum. 

Dependent claim 10 requires the step of communicating a procedure fi-om the second 
computing device to the first computing device, and wherein the step of communicating the first 
datum of the message fi-om the first computing device to the second computing device with 
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encryption of the first datum comprises the step of employing the procedure to encrypt the first 
datum of the message for communication of the first datum fi-om the first computing device to the 
second computing device, 

AppUcant has added new claims 29-36 which provide additional reasons for allowance. 

Based upon the foregoing, AppUcant believes that all pending claims are in condition for 
allowance and such disposition is respectfiilly requested. In the event that a telephone conversation 
would fiirther prosecution and/or expedite allowance, the Examiner is invited to contact the 
undersigned. 



Respectfully submitted, 



SHERIDAN ROSS P.C. 




Douglas W. Swartz 
Registration No. 37,739 
1560 Broadway, Suite 1200 
Denver, Colorado 80202-5141 
(303) 863-9700 
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